From 5e27a6cb0b64eab189b474bd91f23c05cab94cb2 Mon Sep 17 00:00:00 2001 From: "Andrew M. Kuchling" Date: Fri, 6 Oct 2006 18:59:10 +0000 Subject: [PATCH] [Backport r46602 | neal.norwitz] Patch #1357836: Prevent an invalid memory read from test_coding in case the done flag is set. In that case, the loop isn't entered. I wonder if rather than setting the done flag in the cases before the loop, if they should just exit early. This code looks like it should be refactored. Backport candidate (also the early break above if decoding_fgets fails) --- Parser/tokenizer.c | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/Parser/tokenizer.c b/Parser/tokenizer.c index 07b38a99612e..fedab3092f33 100644 --- a/Parser/tokenizer.c +++ b/Parser/tokenizer.c @@ -865,6 +865,11 @@ tok_nextc(register struct tok_state *tok) if (decoding_fgets(tok->inp, (int)(tok->end - tok->inp), tok) == NULL) { + /* Break out early on decoding + errors, as tok->buf will be NULL + */ + if (tok->decoding_erred) + return EOF; /* Last line does not end in \n, fake one */ strcpy(tok->inp, "\n"); @@ -872,14 +877,16 @@ tok_nextc(register struct tok_state *tok) tok->inp = strchr(tok->inp, '\0'); done = tok->inp[-1] == '\n'; } - tok->cur = tok->buf + cur; - /* replace "\r\n" with "\n" */ - /* For Mac we leave the \r, giving a syntax error */ - pt = tok->inp - 2; - if (pt >= tok->buf && *pt == '\r') { - *pt++ = '\n'; - *pt = '\0'; - tok->inp = pt; + if (tok->buf != NULL) { + tok->cur = tok->buf + cur; + /* replace "\r\n" with "\n" */ + /* For Mac we leave the \r, giving a syntax error */ + pt = tok->inp - 2; + if (pt >= tok->buf && *pt == '\r') { + *pt++ = '\n'; + *pt = '\0'; + tok->inp = pt; + } } } if (tok->done != E_OK) { -- 2.47.3
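Review bot: The early return in the first hunk tests `tok->decoding_erred`, while the hazard its comment names is `tok->buf` being NULL; the link between the two is made inside decoding_fgets, which the patch does not show. If any failure path there releases the buffer without setting the flag, the following `strcpy(tok->inp, "\n")` would still write through a stale pointer, so testing the hazard directly is safer: `if (tok->decoding_erred || tok->buf == NULL) return EOF;`. The comment could also state that tok->inp, tok->cur and tok->end presumably still point into the released buffer on this path, so callers must not use them after the EOF. tok_nextc starts and ends outside the hunk.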
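Review bot: In the second hunk, `pt = tok->inp - 2` is still computed before it is compared with `tok->buf`, so when fewer than two bytes precede `tok->inp` (for example a buffer holding a single character) the subtraction forms a pointer before the start of the buffer. That is undefined behaviour in C even though the pointer is never dereferenced, and an optimizer may assume the `pt >= tok->buf` test is always true. Checking the distance first avoids it: `if (tok->inp - tok->buf >= 2 && tok->inp[-2] == '\r') {` followed by `pt = tok->inp - 2;` inside the branch. The new `tok->buf != NULL` guard covers only this fixup, and the enclosing loop and function continue outside the hunk, so whether later code dereferences tok->cur or tok->inp with a NULL buffer cannot be confirmed from here.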